review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Jason A. Donenfeld <Jason@zx2c4.com>
	Tue, 2 Aug 2022 12:56:12 +0000 (14:56 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 17 Aug 2022 12:23:37 +0000 (14:23 +0200)
commit	c36369f7db87e7d0a5c46700355c313df88263e7
tree	dfafbdc0cf03c7e27503ce6d612d82e211fe51b6	tree \| snapshot
parent	73ccc2b153a2deea1e8b535627aa95a9ccd921a4	commit \| diff

wireguard: allowedips: don't corrupt stack when detecting overflow

[ Upstream commit c31b14d86dfe7174361e8c6e5df6c2c3a4d5918c ]

In case push_rcu() and related functions are buggy, there's a
WARN_ON(len >= 128), which the selftest tries to hit by being tricky. In
case it is hit, we shouldn't corrupt the kernel's stack, though;
otherwise it may be hard to even receive the report that it's buggy. So
conditionalize the stack write based on that WARN_ON()'s return value.

Note that this never *actually* happens anyway. The WARN_ON() in the
first place is bounded by IS_ENABLED(DEBUG), and isn't expected to ever
actually hit. This is just a debugging sanity check.

Additionally, hoist the constant 128 into a named enum,
MAX_ALLOWEDIPS_BITS, so that it's clear why this value is chosen.

Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Link: https://lore.kernel.org/all/CAHk-=wjJZGA6w_DxA+k7Ejbqsq+uGK==koPai3sqdsfJqemvag@mail.gmail.com/
Fixes: e7096c131e51 ("net: WireGuard secure network tunnel")
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

drivers/net/wireguard/allowedips.c		diff \| blob \| history
drivers/net/wireguard/selftest/allowedips.c		diff \| blob \| history